Effective threat assessment, forensic investigation and incident response.
REQUIRE URGENT INCIDENT RESPONSE?
How can Secrutiny help?
A two-phased approach is used to broadly examine the network as a whole to identify a much smaller set of ‘hosts of interest’ that are analysed more deeply in the second phase.
The first phase consists of the collection of information from across the entire estate, which is baselined and analysed for usage patterns, statistical anomalies, user behaviour, and vulnerabilities to determine the scope of the incident and identify ‘hosts of interest’.
The ‘hosts of interest’ are examined in greater detail to determine misuse and the risk this threat poses to the organisation.
Step 1: Identify the ‘host of interests’ use and the criticality to the business.
Step 2: Utilise a forensically sound collection tool to gather relevant artefacts.
Step 3: Analyse the collected artefacts to create “the story behind the compromise and its activity”.
Once the analysis has been completed, the results are presented back to the customer in the form of a report for review with the associated evidence and recommended remedial actions.
WANT TO LEARN MORE?
BOOK A DEMO…
Learn more about Secrutiny’s effective threat assessment, forensic investigation and incident response services, just fill in your details below.
*We’d love to keep you up to date with security alerts, free tools & techniques, event invites and company updates. We’ll always treat your details with the utmost care and will never sell them to other companies for marketing purposes. Remember you can change your preferences and opt-out at any time.
Secrutiny were able to quickly establish the root cause of the attack, raising a level of confidence within our team that undoubtedly helped us achieve a successful outcome.
Head of IT